Configure Secure Token Server

The CIC server contains a Secure Token Server subsystem that issues security tokens to user agents (applications) that successfully authenticate a principal (user). User agents (CIC client applications) can then present that security token to the service provider (CIC server) in subsequent requests to access its other resources or subsystems.

  1. Ensure that you have the following information for the service provider endpoint (CIC server):

    | Item | Description |
    |------|-------------|
    | Machine name | The machine name represents the address through which user agents (client applications) can contact the Secure Token Server subsystem of the CIC server. For more information about Secure Token Server addresses, see Single Sign-On configurations. |
    | Network port for HTTPS/SAML messages | The default network port on the CIC server for HTTPS/SAML messages is 8043. |

  2. Open Interaction Administrator.

  3. In the left pane of the Interaction Administrator window, expand the Single Sign-On container and select the Secure Token Server object.

  4. In the right pane, double-click the Configuration entry.

    Interaction Administrator displays the Secure Token Server Configuration dialog box.

  5. In the Port and Machine Name controls of the Secure Token Server Configuration dialog box, enter the address through which user agents (CIC client applications) can reach the Secure Token Server subsystem of the CIC server.

    Note: If you do not enter text in the Machine Name box, the CIC server uses its Fully Qualified Domain Name (FQDN).

    Do not enter the port number for an ICWS subsystem (default: 8019) in the Port box.

    If you are using the CIC server as both the service provider and identity provider, ensure that the address that you enter in the Machine Name box is accessible by workstations that host CIC applications for Single Sign-On. This is important if the workstation and CIC server are in different domains.

    For more information on the correct address to enter in the Machine Name box, see Single Sign-On configurations.

  6. If needed, in the Token Expiration control group, change the period of time that can elapse before re-authentication is required.

  7. Select the OK button to save this change and close the Secure Token Server Configuration dialog box.
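
The following pre-flight check is an added example, not part of the original page or the product. Run from a workstation that hosts CIC applications, it tests the values planned for the Port and Machine Name controls. The function names, the `workstation_domain` parameter, the short-name heuristic and the assumption that the workstation trusts the CA that issued the server's HTTPS certificate belong to this example; only ports 8043 and 8019 come from the page.

```python
import socket
import ssl

STS_DEFAULT_PORT = 8043   # page: default CIC server port for HTTPS/SAML messages
ICWS_DEFAULT_PORT = 8019  # page: ICWS default, must not go in the STS Port box


def tls_handshake(host, port, timeout=5.0):
    """Complete a TLS handshake, verifying the certificate against `host`."""
    ctx = ssl.create_default_context()  # assumption: issuing CA is trusted here
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version()


def preflight(machine_name, port=STS_DEFAULT_PORT, workstation_domain="",
              resolve=socket.getaddrinfo, handshake=tls_handshake):
    """Return findings for a planned STS address; an empty list means none."""
    findings = []
    name = machine_name.strip().rstrip(".")
    if port == ICWS_DEFAULT_PORT:
        findings.append("port 8019 is the ICWS default; the STS default is 8043")
    if not 1 <= port <= 65535:
        return findings + [f"port {port} is outside 1-65535"]
    if not name:
        # Page: with a blank Machine Name the CIC server uses its own FQDN.
        return findings + ["Machine Name blank: rerun with the server's FQDN"]
    if workstation_domain and "." not in name:
        # Heuristic: short names only resolve through the local DNS suffix list.
        findings.append(f"'{name}' is a short name; workstations in "
                        f"{workstation_domain} may not resolve it")
    try:
        resolve(name, port)
    except OSError as exc:  # socket.gaierror is a subclass of OSError
        return findings + [f"'{name}' does not resolve from here: {exc}"]
    try:
        handshake(name, port)
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        findings.append(f"TLS handshake with {name}:{port} failed: {exc}")
    return findings


if __name__ == "__main__":
    import sys
    args = sys.argv[1:] or [""]  # usage: script MACHINE_NAME [PORT] [DOMAIN]
    port = int(args[1]) if len(args) > 1 else STS_DEFAULT_PORT
    for line in preflight(args[0], port, *args[2:3]) or ["no issues found"]:
        print(line)
```

A certificate failure reported by the handshake step can also mean the workstation does not yet trust the issuing CA, so check the trust store before changing the Machine Name value.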